Cloud Security

The Blue Magic forum is a forum written in PHP and is widely used in China. Due to some code defects in its user registration module, malicious attackers can escalate normal users to administrators. Let's take a look at an intrusion

Drop PROCEDURE sp_makewebtaskExec master .. sp_dropextendedproc xp_cmdshellExec master .. sp_dropextendedproc xp_dirtreeExec master .. sp_dropextendedproc xp_fileexistExec master .. sp_dropextendedproc xp_terminate_processExec master ..

A Trojan is a popular type of virus file. Unlike a common virus, it does not multiply itself or infect other files. It attracts users to download and execute their own disguise, or in the form of bundling in the webpage, when users browse the

System Administrators often complain that they cannot eliminate system vulnerabilities because they do not know which of the following security issues are the least secure, and they do not have time to deal with all the problems. To this end, the

Trojans are generally divided into client programs and server programs. client programs are used to remotely control computers. The server program is hidden in a remote computer and receives and executes commands issued by the client program.

In daily computer operations, we may encounter passwords anytime, anywhere. Generally, we use passwords in combination with numbers, letters, and underscores. However, such passwords are hard to remember and can be easily cracked, try setting the

The NETDOM. EXE tool can not only be added to the domain, but also establish computer accounts and trust relationships. There are two ways to add a computer to the domain and create an account at the same time. If you are not an administrator, you

Source: Skynet Regedt32.exe can be used to set permissions for registry keys. Nt/2000/users set the SAM key to "Full Control" for me. In this way, you can read and write the information in the SAM key. The steps are as follows: 1. Assume that we log

Naming a file is far less difficult than naming a file, but do you know? Sometimes changing the name of a file can solve some of our features, such as preventing malicious attacks, unlocking registry restrictions, repairing damaged files, and

Background Windows File Association allows an application to define a handler that shoshould be called for each operation on a specific file type. For example, WinRAR registers the file type. RAR in the following manner:  The Open action defined for

(1) Enable the php security mode The security mode of php is a very important embedded security mechanism that can control some php functions, such as system (),At the same time, many file operation functions are subject to permission control, and

Due to concerns about some website injection vulnerabilities, FSO, stream, WSCRIPT. SHELL and other components were deleted during Server installation. Result When VMware is installed, the wscript. shell cannot be found. Restore wscript. shell We

1. Problems Encountered during permission escalation 2. program running and parameter calling3. Skip the restriction1. Problems Encountered during permission escalationI think you have encountered this problem when raising the permission, that is,

// Use the domain administrator account ipc to access a server  Net use \ IP address \ ipc $ "password"/user: domain administrator @ current domain name // Copy the local gsecdump.exe file to the C: \ WINDOWS Directory copy gsecdump.exe \ IP

Enumeration is keyLinux privilege escalation is all about: 1) Enumeration, more enumeration, and more enumeration2) Sorting through data, analysis and prioritisation3) Knowing where to find exploit code4) Customisation and compilation skills5)

When detecting a station, the station encountered a WinWebMail mailbox system and found some minor problems. The email system has no Web security problems, but the IIS configuration is improper, resulting in direct getshell.   00X01 Vulnerability

SQL Server blocks access to 'sys. xp_mongoshell' during the 'xp _ mongoshell' process, because this component has been disabled as part of the Server's security configuration. The system administrator can enable 'xp _ javasshell' by using

Note: Before reading this article, it is best to have a certain foundation. The author of the original article will give you some tutorials. The translator I specifically found out the link for you (this resource is to be reviewed). The first is the

How to save Host ids ossec log files to MYSQLOSSEC Series II-write your own DECODE (Elementary)OssecYou can check the file, including whether the file is modified and the modified content.(Normal means, sometimes)And file attributes.For file

Please pay special attention to the following content for impetuous users who only read the title !!!Quick MySQL local and remote password cracking! The first thing we need to explain to the database maintenance personnel is that you don't have to